Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
Sucuri Blog
  • Products
    • Website Security Platform
    • Website Firewall (WAF)
    • Multi-Site plans
    • Custom & Enterprise Plans
    • Partnerships
  • Features
    • Detection
      Website Monitoring & Alerts
    • Protection
      Future Website Hacks
    • Performance
      Speed Up Your Website
    • Response
      Help For Hacked Websites
    • Backups
      Disaster Recovery Plan
  • Resources
    • Guides
    • Webinars
    • Infographics
    • Blog
    • SiteCheck
    • Reports
    • Email Courses
  • Pricing
  • Immediate Help
  • Login
  • Immediate Help
Login
Login

New Customer?

Sign up now.
  • Submit a ticket
  • Knowledge base
  • Chat now

Search Results

tagdiv

13 posts
Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins
  • Website Malware Infections
  • WordPress Security

Balada Injector Targets Unpatched tagDiv Plugin, Newspaper Theme & WordPress Admins

  • Denis Sinegubko
  • October 6, 2023
In the middle of September 2023, vulnerability advisory resources disclosed the details of an Unauthenticated Stored XSS vulnerability in the tagDiv Composer (the companion plugin…
Read the Post
Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins
  • Sucuri
  • Website Security
  • WordPress Security

Massive WordPress Redirect Campaign Targets Vulnerable tagDiv Themes and Ultimate Member Plugins

  • Denis Sinegubko
  • August 22, 2018
This August, we’ve seen a new massive wave of WordPress infections that redirect visitors to unwanted sites. When redirected, users see annoying pages with random…
Read the Post
  • Website Malware Infections
  • WordPress Security

Mal.Metrica Redirects Users to Scam Sites

  • Ben Martin
  • May 2, 2024
One of our analysts recently identified a new Mal.Metrica redirect scam on compromised websites, but one that requires a little bit of effort on the…
Read the Post
  • Website Malware Infections
  • WordPress Security

Thousands of Sites with Popup Builder Compromised by Balada Injector

  • Denis Sinegubko
  • January 10, 2024
On December 11, 2023 WPScan published Marc Montpas’ research on the stored XSS vulnerability in the popular Popup Builder plugin (200,000+ active installation) that was…
Read the Post
Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign
  • Website Malware Infections
  • Website Security
  • WordPress Security

Balada Injector: Synopsis of a Massive Ongoing WordPress Malware Campaign

  • Denis Sinegubko
  • April 6, 2023
Our team at Sucuri has been tracking a massive WordPress infection campaign since 2017 — but up until recently never bothered to give it a…
Read the Post
Massive 1800ForBail WordPress Hacks
  • WordPress Security

Massive 1800ForBail WordPress Hacks

  • Denis Sinegubko
  • June 28, 2019
Sucuri malware analyst Kaushal Bhavsar recently brought our attention to a massive campaign responsible for adding either “1800ForBail” or “1800ForBail – One+Number” keywords to the…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • WordPress Security

Malware Campaign Evolves to Target New Plugins: May 2019

  • John Castro
  • May 28, 2019
A long-lasting malware campaign targeting deprecated, vulnerable versions of plugins continues to be leveraged by attackers to inject malicious scripts into affected websites. Easily automated…
Read the Post
Labs Note
  • Sucuri Labs
  • Vulnerability Disclosure
  • Website Malware Infections
  • WordPress Security

Multi-Vector Attack in Server Logs

  • John Castro
  • March 25, 2019
We recently noticed an increase on suspicious requests in our logs which reveal a planned attack against the Social Warfare plugin. Bad actors added this…
Read the Post
Fake UpdraftPlus WordPress Plugin
  • WordPress Security

Erealitatea[.]net Hack Corrupts Websites with WP GDPR Compliance Plugin Vulnerability

  • Pedro Peixoto
  • November 9, 2018
We have noticed a growing number of WordPress-based sites that have had their URL settings changed to hxxp://erealitatea[.]net. Further investigations show that the issue is…
Read the Post
Multiple Ways to Inject Tech Support Scams
  • WordPress Security

Multiple Ways to Inject the Same Tech Support Scam Malware

  • Denis Sinegubko
  • October 23, 2018
Last month, we shared information about yet another series of ongoing massive infections using multiple different vectors to inject malicious scripts into WordPress websites. Shortly…
Read the Post
Labs Note
  • Sucuri Labs
  • Website Malware Infections
  • WordPress Security

Multi-Vector WordPress Infection from Examhome

  • Denis Sinegubko
  • September 18, 2018
This September, we’ve been seeing a massive infection wave that injects malicious JavaScript code into .js, .php files and the WordPress database.> The script looks…
Read the Post
Search
Sucuri Sidebar Malware Removal to Signup Page
Sucuri Logo

Let’s Connect

Products
Website Firewall Website Security Platform WordPress Security Website Backups Hack Assistance Pricing
Solutions
DDoS Protection Malware Detection Malware Removal Malware Prevention Blacklist Removal SEO Spam Removal
USE CASES
Developers Ecommerce Agency Plans Enterprise Services HTTPS/2 Virtual Patching
Support
Knowledge Base SiteCheck Guides Research Labs Report Abuse Status Report
Company
About Sucuri Contact Blog Referral Partners Testimonials
Terms of Use Privacy Policy Do Not Sell My Personal Information Frequently Asked Questions

© 2025 GoDaddy Mediatemple, Inc., d/b/a Sucuri. All rights reserved.

back to top

'